Re: 3.4-release random freeze

2008-07-31 Thread nachocheeze 
I've been running OpenBSD for various things probably since somewhere
around version 3.4 or 3.5.  One thing that has always been a
constant...

If you have random unexplainable crashes, freezes, lockups, dumps to a
ddb prompt that don't involve a kernel crash or known exploit, it's
99% likely you have some bad hardware.

It may not always be apparent; not too long ago I had a shiny sparkly
Dell Poweredge 2850 router with all the trimmings that seemed just
fine, but every now and then for no good reason it'd crash to a ddb
promptno kernel problems, nothing to indicate anything bad had
happened, no possible exploits.  No reason for the crashes that I
could see; they'd happen at 3:00am when we were passing 30Mb of
traffic, or in the middle of the day when passing 250Mb.  You never
knew when it'd take a dump; I had it run for weeks at a clip smoothly,
and had it dump 3 times in a day.

Probably 3 months after this begin happening, the major alarm orange
hardware light on the box started flashing.  I had to replace all the
RAM modules (2 GB).  They'd all gone south.

The same box has now been stable for over a year with the same install.

Based on your dmesg, that's a truly ancient box anyway.  An AMD-K6
with a BIOS revision of January of 2000?  Save yourself some headaches
and just toss it.  PC's are cheap.  Time is what's expensive.


On Thu, Jul 31, 2008 at 5:39 PM, Paul M [EMAIL PROTECTED] wrote:
 Hi all

 I'm attempting to install 4.3-release on an old compac but I'm getting
 random freezes shortly after boot. The most it has stayed up is about
 1/2 hour, usually it'll die within a few minutes, sometimes it'll die
 during boot - once it even failed during the install process. The only
 way to recover is to kill the power.

 I'm at a loss, there is nothing in the logs, no messages, I've
 memtested the ram, swapped out the ram, surface scanned the disk,
 swapped out the disk, swapped out the nic, run without a nic, disabled
 acpi ... I cant think of anything else to try.
 I've reinstalled the original windows disk, and tried it with an old
 freebsd insaller I had lying around and they both work just fine.
 I'm not using X.
 My next step would be to try -stable or -current, but I dont have much
 faith.

 If anybody could shed any light or suggest further tests or ... anything
 I'd be very gratefull.


 paul



 OpenBSD 4.3 (GENERIC) #698: Wed Mar 12 11:07:05 MDT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
 cpu0: AMD-K6(tm) 3D processor (AuthenticAMD 586-class) 534 MHz
 cpu0: FPU,V86,DE,PSE,TSC,MSR,MCE,CX8,PGE,MMX
 real mem  = 125399040 (119MB)
 avail mem = 113070080 (107MB)
 mainbus0 at root
 bios0 at mainbus0: AT/286+ BIOS, date 01/28/00, BIOS32 rev. 0 @ 0xfa130,
  SMBIOS rev. 2.1 @ 0xfc660 (12 entries)
 bios0: vendor Compaq version 686S4 date 01/28/2000
 bios0: Compaq Compaq PC
 acpi0 at bios0: rev 0
 acpi0: tables DSDT FACP SSDT
 acpi0: wakeup devices PBTN(S1) PCI0(S1) USB1(S1) USB0(S1)
 acpitimer0 at acpi0: 3579545 Hz, 32 bits
 acpiprt0 at acpi0: bus 0 (PCI0)
 acpicpu0 at acpi0: C2
 acpibtn0 at acpi0: PBTN
 bios0: ROM list: 0xc/0x1 0xec000/0x4000!
 cpu0 at mainbus0
 pci0 at mainbus0 bus 0: configuration mode 1 (no bios)
 pchb0 at pci0 dev 0 function 0 VIA VT8501 rev 0x03
 agp0 at pchb0: v2, aperture at 0x5000, size 0x1000
 ppb0 at pci0 dev 1 function 0 VIA VT8501 AGP rev 0x00
 pci1 at ppb0 bus 1
 vga1 at pci1 dev 0 function 0 Trident CyberBlade i7 rev 0x5c
 wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
 wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
 pcib0 at pci0 dev 7 function 0 VIA VT82C686 ISA rev 0x14
 pciide0 at pci0 dev 7 function 1 VIA VT82C571 IDE rev 0x06: ATA66,
  channel 0 configured to compatibility, channel 1 configured to
  compatibility
 wd0 at pciide0 channel 0 drive 0: QUANTUM FIREBALL EX3.2A
 wd0: 16-sector PIO, LBA, 3078MB, 6303935 sectors
 wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2
 pciide0: channel 1 disabled (no drives)
 uhci0 at pci0 dev 7 function 2 VIA VT83C572 USB rev 0x06: irq 11
 uhci1 at pci0 dev 7 function 3 VIA VT83C572 USB rev 0x06: irq 11
 viaenv0 at pci0 dev 7 function 4 VIA VT82C686 SMBus rev 0x10: HWM
  disabled: failed to map PM I/O space
 rl0 at pci0 dev 8 function 0 Realtek 8139 rev 0x10: irq 3, address
  00:c0:a8:7b:47:c8
 rlphy0 at rl0 phy 0: RTL internal PHY
 esa0 at pci0 dev 13 function 0 ESS ES1989 rev 0x10: irq 5
 ac97: codec id 0x45838308 (ESS Technology ES1921)
 ac97: codec features 20 bit DAC, 20 bit ADC, ESS Technology
 audio0 at esa0
 isa0 at pcib0
 isadma0 at isa0
 pckbc0 at isa0 port 0x60/5
 pckbd0 at pckbc0 (kbd slot)
 pckbc0: using irq 1 for kbd slot
 wskbd0 at pckbd0: console keyboard, using wsdisplay0
 pms0 at pckbc0 (aux slot)
 pckbc0: using irq 12 for aux slot
 wsmouse0 at pms0 mux 0
 pcppi0 at isa0 port 0x61
 midi0 at pcppi0: PC speaker
 spkr0 at pcppi0
 lpt0 at isa0 port 0x378/4 irq 7
 npx0 at isa0 port 0xf0/16: reported by CPUID; using exception 16
 pccom0 at isa0 port

OpenBSD router - CARP to VRRP

2007-10-03 Thread nachocheeze 
Dunno if this is possible...

I'm trying to set up an OpenBSD (4.2 snapshot) router as a VRRP
neighbor to a Juniper M7i (JunOS version 7.5R2).  I've set up the
following:

On the M7i Gigabit interface:

unit 0 {
description Gigabit Ethernet Backbone;
family inet {
mtu 9000;
no-redirects;
address X.X.X.49/28 {
vrrp-group 55 {
virtual-address X.X.X.55;
priority 10;
accept-data;
}
}
}
}

 show vrrp detail
Physical interface: ge-0/0/0, Unit: 0, Address: X.X.X.49/28
  Index: 72, SNMP ifIndex: 72, VRRP-Traps: enabled
  Interface state: up, Group: 55, State: master
  Priority: 10, Advertisement interval: 1, Authentication type: none
  Preempt: yes, Accept-data mode: yes, VIP count: 1, VIP: X.X.X.55
  Advertisement timer: 0.631s, Master router: X.X.X.49
  Virtual router uptime: 00:46:48, Master router uptime: 00:46:39
  Virtual MAC: 00:00:5e:00:01:37
  Tracking: disabled


On the OpenBSD machine (4.2 GENERIC.MP#259):

msk0: flags=8943UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST mtu 9000
lladdr 00:00:5a:72:6f:9f
description: Gigabit Ethernet Backbone #1
media: Ethernet autoselect (1000baseT full-duplex)
status: active
inet X.X.X.50 netmask 0xfff0 broadcast X.X.X.63
inet6 fe80::200:5aff:fe72:6f9f%msk0 prefixlen 64 scopeid 0x4

carp1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
lladdr 00:00:5e:00:01:37
carp: MASTER carpdev msk0 vhid 55 advbase 1 advskew 150
groups: carp
inet6 fe80::200:5eff:fe00:137%carp1 prefixlen 64 scopeid 0xe
inet X.X.X.55 netmask 0xfff0 broadcast X.X.X.63

CARP preempt is set on the BSD box.

They both show up as CARP/VRRP masters no matter how much I play with
the VRRP priority or the CARP advskew, and cause duplicate IP probs
(same IP, same virtual MAC).

I turned on logging for CARP, and am getting this:

carp: packet too short 40 on carp1
carp: packet too short 40 on carp1
carp: packet too short 40 on carp1
etc, etc

Doing a sniff, it looks like the VRRP packet from the Juniper is 10
bytes smaller than the CARP packet on the BSD machine (60 bytes vs
70).  Does anyone know if there's a tweakable option to fix this, or
if it's even possible to do this at all (is CARP compatible with
regular VRRP)?

OpenBGPd Regular Expression

2007-09-18 Thread nachocheeze 
I saw from a thread a while back that putting as-path regular
expression support into OpenBGPd was being considered.  I'm testing
out a 4.2 snapshot, and so far it doesn't seem to be there just yet.

For various reasons, I'd like to be able to tweak prefixes based on
some specific as-path values a la Juniper.  This kind of stuff:

Criteria: Path whose second AS number must be 56 or 78.
Regular Expression: (. 56) | (. 78) or . (56|78)
Example Matches:  1234 56 and/or 34 78

http://www.juniper.net/techpubs/software/junos/junos74/swconfig74-policy/html/policy-extend-match-config3.html

Anyone know if this is in the works?

Re: Webhosting Control Panel

2007-05-31 Thread nachocheeze 

Google around, there's a few open source products...here's a couple of note:

http://www.ispconfig.org
http://www.ravencore.com

On 5/31/07, Karel Galuka [EMAIL PROTECTED] wrote:

Could you recommend me some Webhosting control panel for OpenBSD?

Thanks
Karel

Re: Packets Per Second Limit?

2007-05-31 Thread nachocheeze 

Depends on the byte size of the packet.  If most of your throughput is
standard 1500 byte packets, you should have little to no problem.

If someone starts blasting out 64 byte packets at wire speed though,
your link will be toast long before traffic ever reaches 100Mbps.

On 5/31/07, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:

Anyone know the maximum packets per second that can traverse a 100MB
internet link. From what I've been able to gather its about 8300 or so? Is
this number accurate? Do connections just start to timeout once I hit this
limit? I'm a little worried about this because we are fast approaching this
mark and am afraid were gonna hit it before we max out are available
bandwidth? Anyone ever run into this situation or am I just paranoid?

VPN manpage missing in 4.0?

2007-02-19 Thread nachocheeze 

Noticed that 4.0 release (fresh install) seems to be missing a couple
of man pages that exist in both 3.9 and 'current'.

$ uname -a
OpenBSD hostname.domainname.com 4.0 GENERIC#1107 i386

$ man vpn
man: no entry for vpn in the manual.

Went thru the list of the See Also man pages listed under both 3.9
and 'current', and found another that also doesn't exist for some
reason.

$ man ipsecadm
man: no entry for ipsecadm in the manual.

Hadn't seen anything referencing this on the web site or on [EMAIL PROTECTED]

No big deal, just curious why these are missing on the 4.0 release.
Was this simply an oversight, or is there we left this out for a
reason; we don't think you should use these items under 4.0 logic
behind this?

Re: OpenBSD - Vlans - CISCO

2006-12-09 Thread nachocheeze 

Darren beat me to it...

The hex value of 0xff00 = 255.0.0.0 in decimal.

The hosts have a Class A subnet mask.  I'm guessing that since you
have a Class C broadcast address, you do not want to do this.

Fix your mask on the vlan interfaces, then try again.

On 12/9/06, Darren Spruell [EMAIL PROTECTED] wrote:

On 12/9/06, michel bidard [EMAIL PROTECTED] wrote:
 Ok ... here is the ifconfig -A ...

 # ifconfig -A
[snip]
 vlan0: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:48:54:80:d0:ec
 vlan: 2 priority: 0 parent interface: rl0
 groups: vlan
 inet6 fe80::248:54ff:fe80:d0ec%vlan0 prefixlen 64 scopeid 0x8
 inet 10.0.0.1 netmask 0xff00 broadcast 255.255.255.0
 vlan1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu 1500
 lladdr 00:48:54:80:d0:ec
 vlan: 3 priority: 0 parent interface: rl0
 groups: vlan
 inet6 fe80::248:54ff:fe80:d0ec%vlan1 prefixlen 64 scopeid 0x9
 inet 10.0.1.1 netmask 0xff00 broadcast 255.255.255.0
[...]

Fix your subnet mask. 0xff00 puts all of your vlan interfaces on
the same subnet. And it looks like your broadcast was set to what you
wanted your netmask to be.

DS

OpenBGPd Looking Glass?

2006-12-06 Thread nachocheeze 

Has anyone as of yet written, or know of, a looking glass script that
can be used with OpenBGPd to act as a looking glass/route server?  I
need to deploy a semi-public looking glass, don't really want to use
zebra/quagga, and don't really have the time (or the programming
chops, I'll admit it) to hack up a script.

Here's the latest info I've been able to find based on one of
Henning's presentations:

BGPd has a second, restricted, control socket now; I coded that two
weeks ago. It only allows certain messages - namely those behind the
BGPd show operations. While running httpd in a chroot environment,
which is default on OpenBSD, a cgi can call the bgpctl binary placed
inside the chroot, passing the path to this restricted socket. Then,
you just need the cgi to call that, and the looking glass is done.

The cgi... yeah, someone needs to sit down and hack that, but it
should be easy.